Page 472 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
Summary
Asymmetric key cryptography, or public key encryption, provides an
extremely flexible infrastructure, facilitating simple, secure
communication between parties that do not necessarily know each
other prior to initiating the communication. It also provides the
framework for the digital signing of messages to ensure
nonrepudiation and message integrity.

This chapter explored public key encryption, which provides a scalable
cryptographic architecture for use by large numbers of users. We also
described some popular cryptographic algorithms, such as link
encryption and end-to-end encryption. Finally, we introduced you to
the public key infrastructure, which uses certificate authorities (CAs)
to generate digital certificates containing the public keys of system
users and digital signatures, which rely on a combination of public key
cryptography and hashing functions.

We also looked at some of the common applications of cryptographic
technology in solving everyday problems. You learned how
cryptography can be used to secure email (using PGP and S/MIME),
web communications (using SSL and TLS), and both peer-to-peer and
gateway-to-gateway networking (using IPsec and ISAKMP) as well as
wireless communications (using WPA and WPA2).

Finally, we covered some of the more common attacks used by
malicious individuals attempting to interfere with or intercept
encrypted communications between two parties. Such attacks include
birthday, cryptanalytic, replay, brute-force, known plaintext, chosen
plaintext, chosen ciphertext, meet-in-the-middle, and man-in-the-middle
attacks. It’s important for you to understand these
attacks in order to provide adequate security against them.

